Weekly Cybersecurity Recap July 21
Table of Contents
- By Steven
- Jul 21, 2023
It's been a few months since the MOVEit data breach occurred, and more than 130 companies have been reported as being hit and exposed by the connected attacks. It's clear that there will be no immediate end to these attacks, and three of the five attacks we're reporting this week are all connected to MOVEit file services. Government services, investment companies, public universities, and healthcare services were all hit this week. Companies like Ameritrade, HCA Healthcare, and GuidePoint Security were targeted, along with seven Idaho colleges and all of Hillsborough County, Florida. Find out the specifics about all these data breaches and learn if any of your data was exposed.
TD Ameritrade is a massive investment company with over 11 million clients and $1 Trillion in managed assets. The organization has over 6,000 independent investors that handle client services. This huge financial services company was breached during the MOVEit data breaches, and the attack could cost investors millions of dollars and substantial personal credit problems as well. More than 5,500 individuals were notified of the breach, and personal data was taken in it. The MOVEit data breach is impacting a widespread number of companies and it's likely Ameritrade was exposed at the end of May or the beginning of June like so many of the others involved in this attack.
Seven Idaho Colleges
Many different schools and universities in the United States rely on the Teachers Insurance Annuity Association and the National Student Clearinghouse to manage teacher and student services. There were seven separate colleges in Idaho impacted by data breaches on these two organizations. These schools include Lewis-Clark State College, Boise State University, The College of Southern Idaho, the College of Western Idaho, North Idaho College, and the University of Idaho. All those schools lost data for students and teachers, and anyone attending those locations could have lost their birth dates, Social Security numbers, addresses, first and last names, and more data.
HCA Healthcare is one of the most significant healthcare systems in the United States today. The company manages medical data for countless doctor's offices and hospitals. That massive company recently suffered a data breach that exposed more than 11 million patients. The breach was an attack on one of its third-party data storage locations and over 27 million rows of information were taken in the attack. HCA Healthcare talked about the attack with InnovationRX to help spread awareness about the attack.
Hillsborough County, Florida
Hillsborough County, Florida, is a centrally-located county with more than 1.4 million residents. The county was another victim of the MOVEit data breach attacks, leaving citizens and government officials with missing data taken by the hacker group. The county is sending notices to local residents, and more than 70,636 are being contacted overall, explaining that their Social Security Numbers, medical diagnoses, disability codes, and home addresses may have been stolen in the attack.
GuidePoint Security, a software-based security company in Herndon, Virginia, was the latest victim of the MOVEit data breach attacks. The company relied on the service to protect client data, and on June 1, it was discovered that some of that data was stolen in the widespread MOVEit attacks. Vitality Group International, a third-party security team working with GuidePoint, caught the issue and reported it to the Maine Attorney General, and GuidePoint has since made important protective changes to its network and services, but many people were exposed before then. Full names and Social Security numbers are the main data points known to be exposed.